From a2a5ac491ae005ba2afd03fd21b7d3160d794a83 Mon Sep 17 00:00:00 2001 From: Weikeng Chen Date: Wed, 11 Aug 2021 04:05:13 -0700 Subject: [PATCH] Fix BLS12 G2PreparedGadget's AllocVar with a divisive twist (#77) * fix * tidy up Cargo; add changelog * fix nostd * removal of the test * fmt --- CHANGELOG.md | 2 + .../curves/short_weierstrass/bls12/mod.rs | 37 +++++++++++++------ 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6af6620..8f1cfca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,8 @@ ### Bug Fixes +- [\#77](https://github.com/arkworks-rs/r1cs-std/pull/77) Fix BLS12 `G2PreparedGadget`'s `AllocVar` when G2 uses a divisive twist. + ## v0.3.1 ### Features diff --git a/src/groups/curves/short_weierstrass/bls12/mod.rs b/src/groups/curves/short_weierstrass/bls12/mod.rs index a9384a2..9563c05 100644 --- a/src/groups/curves/short_weierstrass/bls12/mod.rs +++ b/src/groups/curves/short_weierstrass/bls12/mod.rs @@ -10,7 +10,6 @@ use crate::{ groups::curves::short_weierstrass::*, Vec, }; - use core::fmt::Debug; /// Represents a projective point in G1. @@ -124,16 +123,32 @@ impl AllocVar, P::Fp> for G2PreparedVar

{ let cs = ns.cs(); let g2_prep = f().map(|b| { let projective_coeffs = &b.borrow().ell_coeffs; - let mut z_s = projective_coeffs - .iter() - .map(|(_, _, z)| *z) - .collect::>(); - ark_ff::fields::batch_inversion(&mut z_s); - projective_coeffs - .iter() - .zip(z_s) - .map(|((x, y, _), z_inv)| (*x * &z_inv, *y * &z_inv)) - .collect::>() + match P::TWIST_TYPE { + TwistType::M => { + let mut z_s = projective_coeffs + .iter() + .map(|(_, _, z)| *z) + .collect::>(); + ark_ff::fields::batch_inversion(&mut z_s); + projective_coeffs + .iter() + .zip(z_s) + .map(|((x, y, _), z_inv)| (*x * &z_inv, *y * &z_inv)) + .collect::>() + } + TwistType::D => { + let mut z_s = projective_coeffs + .iter() + .map(|(z, _, _)| *z) + .collect::>(); + ark_ff::fields::batch_inversion(&mut z_s); + projective_coeffs + .iter() + .zip(z_s) + .map(|((_, x, y), z_inv)| (*x * &z_inv, *y * &z_inv)) + .collect::>() + } + } }); let l = Vec::new_variable(